-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2019-September-25.
The following PSIRT security advisories (12 High) were published at 16:00 UTC today.
Table of Contents:
1) Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability – SIR: High
2) Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability – SIR: High
3) Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability – SIR: High
4) Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability – SIR: High
5) Cisco IOS XE Software Web UI Command Injection Vulnerabilities – SIR: High
6) Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability – SIR: High
7) Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability – SIR: High
8) Cisco IOS XE Software Filesystem Exhaustion Denial of Service Vulnerability – SIR: High
9) Cisco IOx Application Environment Denial of Service Vulnerability – SIR: High
10) Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability – SIR: High
11) Cisco IOS XE Software Unified Threat Defense Denial of Service Vulnerability – SIR: High
12) Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability – SIR: High
+--------------------------------------------------------------------
1) Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability
CVE-2019-12646
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg
+--------------------------------------------------------------------
2) Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability
CVE-2019-12647
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos
+--------------------------------------------------------------------
3) Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability
CVE-2019-12652
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos
+--------------------------------------------------------------------
4) Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability
CVE-2019-12648
SIR: High
CVSS Score v(3.0): 9.9
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth
+--------------------------------------------------------------------
5) Cisco IOS XE Software Web UI Command Injection Vulnerabilities
CVE-2019-12650, CVE-2019-12651
SIR: High
CVSS Score v(3.0): 7.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection
+--------------------------------------------------------------------
6) Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability
CVE-2019-12654
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos
+--------------------------------------------------------------------
7) Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability
CVE-2019-12653
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos
+--------------------------------------------------------------------
8) Cisco IOS XE Software Filesystem Exhaustion Denial of Service Vulnerability
CVE-2019-12658
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-fsdos
+--------------------------------------------------------------------
9) Cisco IOx Application Environment Denial of Service Vulnerability
CVE-2019-12656
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox
+--------------------------------------------------------------------
10) Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability
CVE-2019-12655
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp
+--------------------------------------------------------------------
11) Cisco IOS XE Software Unified Threat Defense Denial of Service Vulnerability
CVE-2019-12657
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-utd
+--------------------------------------------------------------------
12) Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability
CVE-2019-12649
SIR: High
CVSS Score v(3.0): 6.7
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-digsig-bypass
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----